If you want to verify the password user entered, simply rehash the plain text password using the same method you do when you save the password into the database. It should be equal. Thus, you DO NOT need to save plain text password. If a user calls for "Forget Password" force the user to RESET the password instead.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of
1.18 million developers, IT pros, digital marketers,
and technology enthusiasts learning and sharing knowledge.